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DETAILED ACTION 

This is a Non-final action for application number 10/531,753 filed on 04/18/2005. 
Claims 13-22 are currently pending and have been considered below. Claims 13 and 
18 are an independent claims. 

Information Disclosure Statement 

The information disclosure statement (IDS) submitted on 04/18/2005 is in 
compliance with the provisions of 37 CFR 1 .97. Accordingly, the information disclosure 
statement is being considered by the examiner 

Claim Rejections - 35 USC $ 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 



Claims 13 - 16. and 18 - 21 are reiected under 35 U.S.C. 103(a) as being 



unpatentable over Sitaraman et al. (US 6.427.170). in view of Alkhatib et al. (US 



2004/0044778) 
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Regarding claim 13 . Sitaraman et al. teaches a metliod in an IP network, the 
network including a switch node, [a network access device (NAD) 2 in a point of 
presence (PoP) for providing user access to the data communications networit, 
wherein the networit access device is a switch node, (Sitaraman et al., Col. 6, 
lines 24-26), at least one DHCP server and at least one subscriber being associated 
with the node, the method including the steps of: creating a list of trusted ones of the 
DHCP servers, [The Dynamic Host Configuration Protocol (DHCP) has been 
developed to provide an automated assignment of IP addresses and to help solve 
the shortage of IP addresses as shown in Fig. 2, wherein multiple DHCP servers 
are shown, Ref # 8, and subscribers are the users shown also in Fig. 2, 
(Sitaraman et al.. Col. 3, lines 30-35)], 

transmitting by the subscriber a DHCP request message for an IP address, 
[When a DHCP client computer attempts an Internet connection, it broadcasts a 
DHCP request asking for any DHCP on the network to provide it with an IP 
address and configuration parameters, wherein the subscriber here as the client 
transmit a DHCP message requesting an IP address, (Sitaraman et al.. Col. 3, 
lines 35-40)], 

receiving a reply message which carries an assigned subscriber IP address, [A 
DHCP server on the network that is authorized to configure this client will offer an 
IP address by sending a reply to the client, wherein the IP address is a clients IP 
address, (Sitaraman et al.. Col. 3, lines 40-45)], 
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analyzing the reply message to be a DHCP message and having a source 
address from one of the trusted DHCP servers, [Upon receiving this offer, the client 
may decide to accept it or wait for additional offers from other DHCP servers on 
the network. At the end, the client chooses and accepts one offer, and the chosen 
DHCP server sends an acknowledgment with the offered IP address, wherein 
when the reply is received it will be analyzed by the client, (Sitaraman et al., Col. 
3,lines 39-45)], 

updating a filter dynamically in the node, the filter storing an identification of the 
subscriber and the assigned subscriber IP address, [the adapter 16 filters users' 
home PoP IDs on its own PoP ID, so that the local cache 6 at a PoP receives 
events for the users having a home PoP ID of that PoP, wherein the adapter is a 
filter that stores the identification the subscriber, (Sitaraman et al.. Col. 10, lines 
27-31)], 

comparing in the filter said source IP address with the stored subscriber IP 
address, [These "dynamic" IP addresses are compared with static IP addresses 
that are practically permanently allocated and recorded, typically, in DNS servers, 
(Sitaraman et al.. Col. 4, lines 10-14)], 

Sitaraman et al. fails to teach discarding said frame when said source IP address 
differs from the stored subscriber IP address, 

Alkhatib et al. teaches transmitting a frame from the subscriber using a source IP 
address, having the sender break the input data up into fames, transmit the frames and 
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process the acknowledgment frames sent back by the receiver, (Alkhatib et al., 
Paragraph 10, page 1), 

Alkhatib et al. further teaches discarding said frame when said source IP address 
differs from the stored subscriber IP address, wherein checking IP address in incoming 
packets, rejecting those in which the source IP address is different than the destination 
IP address, (Alkhatib et al., Paragraph 149, page 9), in order to devices to be 
reachable so that a host outside of the private network can initiate communication with 
the mobile computing device, (Alkhatib et al., Paragraph 19, page 2), 

It would have been obvious to one of ordinary skill In the art at the time of the 
Invention was made to modify Sitaraman et al. by discarding said frame when said 
source IP address differs from the stored subscriber IP address, wherein checking IP 
address in incoming packets, rejecting those in which the source IP address is different 
than the destination IP address, (Alkhatib et al., Paragraph 149, page 9), In order to 
devices to be reachable so that a host outside of the private network can Initiate 
communication with the mobile computing device, (Alkhatib et al.. Paragraph 19, page 
2). 

Regarding claim 14 . the method In an IP network according to claim 13, further 
comprising the step of storing in the filter a subscriber MAC address, [and a home PoP 
ID for the user, (Sitaraman et al.. Col. 8, lines 12-20)], a subscriber physical port 
number, [one of the check attributes may be the Port-ID attribute carrying a 
specific value, (Sitaraman et al.. Col. 13, lines 39-42)], a subscriber virtual LAN 
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identity, [this ping utility only works effectively in a small system such as a LAN 
and when all users on the network are running their computers, (Sitaraman et al., 
Col. 3, lines 57-62)], and a lease time interval for the assigned subscriber IP address, 
[the time at which the IP address was allocated (or the lease grant time), expiry 
time of the IP address (or the lease time), and a home PoP ID for the user, 
(Sitaraman et al.. Col. 8, lines 12-20)]. 

Regarding claim 15 . the method in an IP network according to claim 13, wherein 
the subscriber IP address is statically assigned and handled by the DHCP servers, [The 
Dynamic Host Configuration Protocol (DHCP) has been developed to provide an 
automated assignment of IP addresses and to help solve the shortage of IP 
addresses, wherein the DHCP here is assigned to handle the IP address of the 
subscriber, (Sitaraman et al., Col. 3, lines 30-35), wherein the dynamic IP 
addresses are compared with static IP addresses that are practically permanently 
allocated and recorded in DNS servers, (Sitaraman et al.. Col. 4, lines 10-13)]. 

Regarding claim 16 , the method in an IP network according to claim 14, the 
method including deleting the subscriber identification and the corresponding assigned 
subscriber IP address from the filter when the lease time interval is out, [the IP address 
allocation event includes a user name, an IP address allocated to the user, the 
time at which the IP address was allocated (or the lease grant time), expiry time of 
the IP address (or the lease time), and a home PoP ID for the user, wherein the 
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DNS server deletes mappings between domain names and IP addresses from its 
association database in response to IP address revoke events received from said 
controller memory publisher, (Sitaraman et al., Col. 8, lines 12-20)]. 

Regarding claim 18 . a device in an IP network, the device including: at least one 
port for a subscriber, an uplink port for DHCP servers in the network, [one of the check 
attributes may be the Port-ID attribute carrying a specific value, (Sitaraman et al.. 
Col. 13, lines 39-42)], 

and a filter device having a list of trusted ones of the DHCP servers, the filter 
device being associated with the ports, [The Dynamic Host Configuration Protocol 
(DHCP) has been developed to provide an automated assignment of IP addresses 
and to help solve the shortage of IP addresses as shown in Fig. 2, wherein 
multiple DHCP servers are shown, Ref # 8, (Sitaraman et al., Col. 3, lines 30-35)], 

wherein: the device is operative to receive a subscriber IP address request 
message on the subscriber port, analyze it to be a DHCP message and transmit it on 
the uplink port, [A DHCP server on the network that is authorized to configure this 
client will offer an IP address by sending a reply to the client, wherein the IP 
address is a clients IP address, (Sitaraman et al.. Col. 3, lines 40-45)], 

the device is operative to receive a reply message on the uplink port, analyze it 
to be a DHCP message and to have a source IP address from one of the trusted DHCP 
servers on the list, [Upon receiving this offer, the client may decide to accept it or 
wait for additional offers from other DHCP servers on the network. At the end, the 
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client chooses and accepts one offer, and the chosen DHCP server sends an 
acknowledgment with the offered IP address, wherein when the reply is received 
it will be analyzed by the client, (Sitaraman et al.. Col. 3,lines 39-45)], 

the device is operative to dynamically update the filter with an identification of the 
subscriber and a corresponding assigned subscriber IP address in the reply message, 
[the adapter 16 filters users' home PoP IDs on its own PoP ID, so that the local 
cache 6 at a PoP receives events for the users having a home PoP ID of that PoP, 
wherein the adapter is a filter that stores the identification the subscriber, 
(Sitaraman et al., Col. 10, lines 27-31)], 

the device is operative to compare in the filter said source IP address with the 
stored subscriber IP address, [These "dynamic" IP addresses are compared with 
static IP addresses that are practically permanently allocated and recorded, 
typically, in DNS servers, (Sitaraman et al., Col. 4, lines 10-14)], 

Sitaraman et al. fails to teach discarding said frame when said source IP address 
differs from the stored subscriber IP address, 

Alkhatib et al. teaches transmitting a frame from the subscriber using a source IP 
address, having the sender break the input data up into fames, transmit the frames and 
process the acknowledgment frames sent back by the receiver, (Alkhatib et al.. 
Paragraph 10, page 1), 

Alkhatib et al. further teaches discarding said frame when said source IP address 
differs from the stored subscriber IP address, wherein checking IP address in incoming 
packets, rejecting those in which the source IP address is different than the destination 
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IP address, (Alkhatib et al., Paragraph 149, page 9), in order to devices to be 
reachable so that a host outside of the private network can initiate communication with 
the mobile computing device, (Alkhatib et al., Paragraph 19, page 2), 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify Sitaraman et al. by discarding said frame when said 
source IP address differs from the stored subscriber IP address, wherein checking IP 
address in incoming packets, rejecting those in which the source IP address is different 
than the destination IP address, (Alkhatib et al.. Paragraph 149, page 9), to devices to 
be reachable so that a host outside of the private network can initiate communication 
with the mobile computing device, (Alkhatib et al.. Paragraph 19, page 2). 

Regarding claim 19 . the device in an IP network according to claim 18, the 
device being further operative to store in the filter a subscriber MAC address, [and a 
home PoP ID for the user, (Sitaraman et al.. Col. 8, lines 12-20)], a subscriber 
physical port number, [one of the check attributes may be the Port-ID attribute 
carrying a specific value, (Sitaraman et al.. Col. 13, lines 39-42)], a subscriber 
virtual LAN identity, [this ping utility only works effectively in a small system such 
as a LAN and when all users on the network are running their computers, 
(Sitaraman et al., Col. 3, lines 57-62)], and a lease time interval for the assigned 
subscriber IP address, [the time at which the IP address was allocated (or the lease 
grant time), expiry time of the IP address (or the lease time), and a home PoP ID 
for the user, (Sitaraman et al.. Col. 8, lines 12-20)]. 
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Regarding claim 20 . the device in an IP networl< according to claim 18, wherein 
the subscriber IP address comprises a statically assigned address which is handled by 
the DHCP servers, [The Dynamic Host Configuration Protocol (DHCP) has been 
developed to provide an automated assignment of IP addresses and to help solve 
the shortage of IP addresses, wherein the DHCP here is assigned to handle the IP 
address of the subscriber, (Sitaraman et al.. Col. 3, lines 30-35)]. 

Regarding claim 21 . the device in an IP network according to claim 19, the 
device being further operative to delete the subscriber identification and the 
corresponding assigned subscriber IP address from the filter when the lease time 
interval is out, [the IP address allocation event includes a user name, an IP address 
allocated to the user, the time at which the IP address was allocated (or the lease 
grant time), expiry time of the IP address (or the lease time), and a home PoP ID 
for the user, wherein the DNS server deletes mappings between domain names 
and IP addresses from its association database in response to IP address revoke 
events received from said controller memory publisher, (Sitaraman et al.. Col. 8, 
lines 12-20)]. 

Claims 17 and 22 are reiected under 35 U.S.C. 103(a) as being unpatentable 
over Sitaraman et al. (US 6.427.1 70). in view of Alkhatib et al. rUS 2004/0044778) and 
further in view of Tavlor et al. (US 2002/0065919). 
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Regarding claims 17 and 22 . Tlie modified Sitaraman et al. teaches tine metliod 
in an IP networl< according to claim 13, the method further comprising the steps of: 
counting a number of attempts (n) from the subscriber to use an illegitimate IP address, 
[When a DHCP client computer attempts an Internet connection, it broadcasts a 
DHCP request asking for any DHCP server on the network to provide it with an IP 
address and configuration parameters, wherein the attempt to connect to the 
internet will be counted, (Sitaraman et al.. Col. 3, lines 34-39)], 

The modified Sitaraman et al. fails to teach sending a warning signal when the 
number of attempts exceeds a threshold criteria, 

Taylor et al teaches comparing the number (n) of the attempts with a threshold 
number (N), [DB servers may include circuitry which checks for a time stamp 
discrepancy which exceeds a particular threshold, and sends a warning message, 
wherein the numbers are compared with a specific threshold, Taylor et al., 
Paragraph 131, Page 8)], 

Taylor et al further teaches sending a warning signal when the number of 
attempts exceeds a threshold criteria, (Taylor et al.. Paragraph 131, Page 8), in order 
to Increase security, (Taylor et al.. Paragraph 167, Page 10), 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the modified Sitaraman by comparing the number (n) of 
the attempts with a threshold number (N), DB servers may include circuitry which 
checks for a time stamp discrepancy which exceeds a particular threshold, and sends a 
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warning message, wiierein the numbers are compared witii a specific tliresliold, (Taylor 
et al., Paragraph 131, Page 8), and sending a warning signal when the number of 
attempts exceeds a threshold criteria, (Taylor et al., Paragraph 131, Page 8), in order 
to increase security, (Taylor et al.. Paragraph 167, Page 10). 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shaq Taha whose telephone number is 571-270-1921 . 
The examiner can normally be reached on 8:30am-5pm Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jeff Pwu can be reached on 571-272-6798. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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